Earlier systems and methods introduce the use of mandatory access control to enforce strong compartmentalization between operators of a Network Management System. They also propose mechanisms to carry information about compartmentalization through the network, thereby allowing extension of the compartmentalization to a set of hosts.
Such mechanisms are highly relevant to Network Management Systems, as they can be used to transparently extend to the whole network, compartments defined for operators in the Network Management System. This extension enables implementation of a strong information flow control between operators, each operator being provided, through service virtualization, with a specific view of the network.
The invention disclosed in the co-pending U.S. application Ser. No. 10/045,048 filed on Jan. 15, 2002, describes the use of a compartmentalized Operating System to increase the security of a Network Management Infrastructure, especially when it addresses a Multi-operator environment.
Several standards exist to carry information related to compartmentalization with the traffic. The CIPSO (Commercial Internet Protocol Security Option), for example, communicates security information within and between different security domains. It provides for multiple security domains utilizing a single software environment. Another example of these standards would be the FIPS188 which also supports a large number of compartments. Furthermore, there exists several operating systems that claim compliance with these standards (e.g., SELinux and Trusted Solaris).
Despite the existence of standards, interoperability between different systems that claim to have an implementation of those standards is not guaranteed. As a result, compartmentalization through the network often requires usage of similar Operating Systems.
This constraint is not acceptable in the scope of a Network Management System. Networks are often made of a large variety of heterogeneous Network Elements (e.g., different vendors). It is not reasonable to expect that these Network Elements be built on top of a set of Operating Systems that implement compatible network compartmentalization mechanisms. For example, some Network Elements might be built on top of operating systems that provide non-interoperable network compartmentalization mechanisms: compartmentalization techniques could be different from one system to another. Other Network Elements might be built on top of standard operating systems that do not provide compartmentalization features. Furthermore, even systems that implement compartmentalization do not always support services virtualization needed to provide each operator with a specific view of the network according to the operator's compartment.
The lack of compartmentalization on one of the two hosts involved in a communication, the implementation of different network compartmentalization techniques on these two hosts, and the implementation of similar network compartmentalization techniques configured with inconsistent compartment definitions, are the main foundations for incompatibility. Consequently, service virtualization and compartmentalization through a managed network becomes difficult to achieve because of the heterogeneous nature of such a network, which leads to interoperability problems.
These limitations necessitate the need for a network scheme that allows the integration of different network compartmentalization techniques within a network while providing interoperability between the miscellaneous elements of that network.